From b79f52be5258d269ad1ae35159aeb5ecf1493115 Mon Sep 17 00:00:00 2001 From: roh Date: Tue, 29 Oct 2013 12:32:37 +0000 Subject: [PATCH] msudo - Execute a command as another user version 0.3. - use execv() instead of system() Config file format changed. Format of line in config file: user prgName arguments_in_regexp Example of config line, user "rohel" can start "/usr/sbin/arping some_parameters": rohel /usr/sbin/arping .* git-svn-id: https://ais-dataserver:8443/svn/WinConfig/trunk/projects/msudo@2952 30e310cc-b365-5d4b-8166-626653d85fd0 --- msudo.c | 84 ++++++++++++++++++++++++++++++++++++++++-------------- msudo.conf | 4 +-- 2 files changed, 65 insertions(+), 23 deletions(-) diff --git a/msudo.c b/msudo.c index 2d496b0..5bdec72 100644 --- a/msudo.c +++ b/msudo.c @@ -16,57 +16,98 @@ email: jaroslav.rohel@ais-brno.cz #include #include -int main(int argc, const char *argv[]) +int main(int argc, char *argv[]) { FILE *cfgFile; uid_t my_uid; struct passwd *pw; - if (argc!=2 || argv[1]=='\0') + if (argc<2 || argv[1]=='\0') { - fprintf(stdout, "msudo version 0.2 Jaroslav Rohel, 2013\n\n", argv[0]); + fprintf(stdout, "msudo version 0.3 Jaroslav Rohel, 2013\n\n", argv[0]); fprintf(stdout, "Usage:\n"); fprintf(stdout, "%s pathToPrgForExec_with_arguments\n\n", argv[0]); fprintf(stdout, "Example:\n"); - fprintf(stdout, "%s \"/usr/sbin/arping -i eth0 192.168.10.100\"\n\n", argv[0]); + fprintf(stdout, "%s /usr/sbin/arping -i eth0 192.168.10.100\n\n", argv[0]); return -1; } // get my real name my_uid = getuid(); pw = getpwuid(my_uid); +// printf("%s\n", pw->pw_name); cfgFile = fopen(CFG_FILE_NAME, "r"); if (cfgFile) { - const char *wantPrg = argv[1]; - + const char *wantPrgName = argv[1]; char username[1024]; - char pattern[1024]; + char prgname[1024]; + char prgargspattern[1024]; + char wantArgs[10000]; // char *pattern = "a[a-c]u"; + int params; int found = 0; + int exit = 0; - while (fscanf(cfgFile, "%1023s%*10000[ \t]%1023[^\n\r]%*10000[\n\r]", username, pattern) >= 2) + wantArgs[0] = '\0'; + if (argc >= 3) + { + int i; + int firstArg = 2; + int freeLen = sizeof(wantArgs) - 1; + for (i=firstArg; i freeLen) + { + fprintf(stderr, "Error: Too long arguments.\n"); + exit = 1; + break; + } + if (i > firstArg) + { + strcat(wantArgs, " "); + freeLen--; + } +// strcat(wantArgs, "\""); + strncat(wantArgs, argv[i], srcLen); +// strcat(wantArgs, "\""); + freeLen -= srcLen;// + 2; + } + } + + while (!exit && (params=fscanf(cfgFile, "%1023s%*10000[ \t]%1023s%*10000[ \t]%1023[^\n\r]%*10000[ \t\n\r]", username, prgname, prgargspattern)) >= 2) { // printf("UserName: %s\n", username); // printf("PrgName: %s\n", prgname); - if (strcmp(username, pw->pw_name) == 0) +// printf("pattern: %s\n", prgargspattern); + if (strcmp(username, pw->pw_name)==0 && strcmp(wantPrgName, prgname)==0) { - regex_t preg; - int rc; - rc = regcomp(&preg, pattern, 0); - if (rc) + if (params==2 && argc==2) { - fprintf(stderr, "regcomp() failed, returning nonzero (%d)\n", rc); + found = 1; break; } - rc = regexec(&preg, wantPrg, 0, NULL, 0); - regfree(&preg); - if (!rc) + else if (params > 2) { - found = 1; - break; + regex_t preg; + int rc; + + rc = regcomp(&preg, prgargspattern, 0); + if (rc) + { + fprintf(stderr, "regcomp() failed, returning nonzero (%d)\n", rc); + break; + } + rc = regexec(&preg, wantArgs, 0, NULL, 0); + regfree(&preg); + if (!rc) + { + found = 1; + break; + } } } } @@ -74,9 +115,10 @@ int main(int argc, const char *argv[]) if (found) { printf("Starting\n"); - system(wantPrg); +// system(wantPrgName); + execv(wantPrgName, &argv[1]); } - else fprintf(stdout, "User \"%s\" is not allowed to start \"%s\"\n", pw->pw_name, wantPrg); + else fprintf(stdout, "User \"%s\" is not allowed to start program \"%s\" with arguments \"%s\"\n", pw->pw_name, wantPrgName, wantArgs); } else fprintf(stderr, "Can't open config file %s\n", CFG_FILE_NAME); return 0; diff --git a/msudo.conf b/msudo.conf index acd3119..a7d85cb 100644 --- a/msudo.conf +++ b/msudo.conf @@ -1,2 +1,2 @@ -rohel ^/home/rohel/prace/AIS/SVN/WinConfig/trunk/projects/msudo/test.sh$ -rohel ^/usr/sbin/arping.*$ +rohel /home/rohel/prace/AIS/SVN/WinConfig/trunk/projects/msudo/test.sh +rohel /usr/sbin/arping .*